VPN/Direct Connect Access
Scenarios
If your local data center or private network cannot access SWR through a public network, you can use Direct Connect or VPN to connect to Huawei Cloud VPC and use a VPC endpoint to access SWR.
This applies only to pushing images. To pull images, you also need to configure a VPC endpoint for accessing the private IP address of OBS.
Procedure
- Create a VPC. For details, see Creating a VPC.
- Create a Direct Connect connection or VPN so that the data center can connect to the VPC through Direct Connect or VPN.
- Buy a VPC endpoint.
- Log in to the VPC Endpoint console.
- On the displayed page, click Buy VPC Endpoint.
- Configure the parameters as prompted. In Service List, select com.myhuaweicloud.*******.SWR or com.myhuaweicloud.*******.swr. ******* indicates the region ID.
In some regions, com.myhuaweicloud.*******.SWR is not displayed in the service list. You can search for it by name.
- Click Next.
- Confirm the order details and click Submit.
- Obtain the private IP address and domain name for accessing the VPC.
By default, the domain name resolution rule is automatically added to Huawei Cloud VPCs.
You only need to configure hosts for non-Huawei Cloud endpoints.
- Configure hosts in the local data center. Each hosts entry consists of the IP address and private domain name of the VPC endpoint. Example:
Figure 2 Example hosts
In this section, 172.xx.xx.xx swr.ap-southeast-1.myhuaweicloud.com is only an example. Replace it with the actual IP address and private domain name.
There are two configuration methods:
Configuring the hosts file in the Linux OS
Configuring the on-premises DNS server
- Configuring the hosts file in the Linux OS
- Run the following command to open the /etc/hosts file:
sudo vim /etc/hosts
- Add a custom domain name in the format of xx.xx.xx.xx swr.xx-xx.myhuaweicloud.com.
xx.xx.xx.xx and swr.xx-xx.myhuaweicloud.com indicate the IP address and domain name obtained in 4, respectively.
- Run the following command to restart the network.
sudo /etc/init.d/networking restart
- Configuring the on-premises DNS server
- Obtain the IP address of the VPC endpoint by referring to 4.
- Configure DNS forwarding rules on the DNS server in the on-premises data center.
The methods of configuring DNS forwarding rules vary depending on OSs. For details, see the operation guide of the corresponding DNS software.
This step uses the Linux OS and Bind (common DNS software) as an example.
- Edit the /etc/named.conf file to add a zone.
zone "swr.xx-xx.myhuaweicloud.com" IN {
    type master;
    file "/var/named/swr.xx-xx.myhuaweicloud.com.zone";
};
- Configure forward DNS resolution. Create the file /var/named/swr.xx-xx.myhuaweicloud.com.zone mentioned in 5.b.i.
$TTL 604800
@ IN SOA swr.xx-xx.myhuaweicloud.com. root.localhost. (
        2         ; Serial
        604800    ; Refresh
        86400     ; Retry
        2419200   ; Expire
        604800 )  ; Negative Cache TTL
;
@ IN NS swr.xx-xx.myhuaweicloud.com.
swr.xx-xx.myhuaweicloud.com. IN A xx.xx.xx.xx
- Restart the service.
- You can query SWR endpoints in different regions in Regions and Endpoints.
- If no DNS server is available in the local data center, add the endpoint IP address for accessing DNS to the /etc/resolv.conf file of the local data center.
- swr.xx-xx.myhuaweicloud.com indicates the IP address obtained in Step 4.
- Run the following command to verify the configuration:
ping swr.xx-xx.myhuaweicloud.com
- Use this domain name (swr.xx-xx.myhuaweicloud.com) in the later access to SWR.
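The following is an added example, not part of the Huawei Cloud documentation: a shell check that a hosts-format file maps the SWR domain to exactly one address, that the address is the VPC endpoint IP, and that it lies in an RFC 1918 private range. The function names, the IP 172.16.0.10 and the sample file contents are assumptions constructed for illustration.

```shell
#!/bin/sh
# Added example: audit a hosts-format file for the SWR VPC endpoint entry.

# Succeeds if $1 is an RFC 1918 private IPv4 address.
is_private_ipv4() {
    printf '%s\n' "$1" | awk -F. '
        NF != 4 { exit 1 }
        { for (i = 1; i <= 4; i++) if ($i !~ /^[0-9]+$/ || $i > 255) exit 1 }
        $1 == 10 || ($1 == 172 && $2 >= 16 && $2 <= 31) || ($1 == 192 && $2 == 168) { exit 0 }
        { exit 1 }'
}

# Prints each distinct address that hosts file $1 maps to name $2.
hosts_addrs_for() {
    awk -v d="$2" '
        { sub(/#.*/, "") }
        { for (i = 2; i <= NF; i++) if (tolower($i) == tolower(d)) print $1 }
    ' "$1" | sort -u
}

# check_swr_entry FILE DOMAIN ENDPOINT_IP
# 0 ok, 1 no entry, 2 conflicting entries, 3 entry is not the endpoint IP,
# 4 endpoint IP is not a private address.
check_swr_entry() {
    addrs=$(hosts_addrs_for "$1" "$2")
    [ -n "$addrs" ] || return 1
    count=$(printf '%s\n' "$addrs" | awk 'END { print NR }')
    [ "$count" -eq 1 ] || return 2
    [ "$addrs" = "$3" ] || return 3
    is_private_ipv4 "$addrs" || return 4
    return 0
}

# Constructed sample: the last entry is a stale duplicate that should be flagged.
demo() {
    f=$(mktemp)
    printf '%s\n' '127.0.0.1 localhost' \
        '172.16.0.10 swr.ap-southeast-1.myhuaweicloud.com  # VPC endpoint (constructed IP)' \
        '203.0.113.7 swr.ap-southeast-1.myhuaweicloud.com' > "$f"
    rc=0
    check_swr_entry "$f" swr.ap-southeast-1.myhuaweicloud.com 172.16.0.10 || rc=$?
    rm -f "$f"
    echo "check_swr_entry exit code: $rc"
    return "$rc"
}
demo || true
```

Run it against a copy of /etc/hosts with the domain and the endpoint IP obtained in 4; a non-zero exit code identifies which condition failed.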
